Author: sohil.shah(a)jboss.com
Date: 2009-06-16 12:47:34 -0400 (Tue, 16 Jun 2009)
New Revision: 13461
Added:
modules/authorization/trunk/agent/
modules/authorization/trunk/agent/pom.xml
modules/authorization/trunk/agent/src/
modules/authorization/trunk/agent/src/main/
modules/authorization/trunk/agent/src/main/java/
modules/authorization/trunk/agent/src/main/java/org/
modules/authorization/trunk/agent/src/main/java/org/jboss/
modules/authorization/trunk/agent/src/main/java/org/jboss/security/
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/ComponentRepository.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/PolicyComposer.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposer.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposition.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleDeclarationRepository.java
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java
modules/authorization/trunk/agent/src/main/resources/
modules/authorization/trunk/agent/src/main/resources/META-INF/
modules/authorization/trunk/agent/src/main/resources/authz-components.xml
modules/authorization/trunk/agent/src/test/
modules/authorization/trunk/agent/src/test/java/
modules/authorization/trunk/agent/src/test/java/org/
modules/authorization/trunk/agent/src/test/java/org/jboss/
modules/authorization/trunk/agent/src/test/java/org/jboss/security/
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/test/
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/test/MockPolicy.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/test/NoPermitMeansDeniedAlg.java
modules/authorization/trunk/agent/src/test/resources/
modules/authorization/trunk/agent/src/test/resources/log4j.properties
Removed:
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/agent/
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/ComponentRepository.java
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/PolicyComposer.java
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleComposer.java
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleComposition.java
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleDeclarationRepository.java
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/TargetComposition.java
modules/authorization/trunk/core-components-api/src/main/resources/META-INF/
modules/authorization/trunk/core-components-api/src/main/resources/authz-components.xml
modules/authorization/trunk/core-components-api/src/test/java/org/jboss/security/authz/components/repository/
Modified:
modules/authorization/trunk/.classpath
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestConfiguration.java
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestPolicyComposition.java
modules/authorization/trunk/common-api/pom.xml
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/ComponentCategory.java
modules/authorization/trunk/core-components-api/pom.xml
modules/authorization/trunk/pom.xml
Log:
refactoring
Modified: modules/authorization/trunk/.classpath
===================================================================
--- modules/authorization/trunk/.classpath 2009-06-16 15:03:53 UTC (rev 13460)
+++ modules/authorization/trunk/.classpath 2009-06-16 16:47:34 UTC (rev 13461)
@@ -7,7 +7,11 @@
<classpathentry kind="src"
path="core-components-api/src/main/java"/>
<classpathentry kind="src"
path="core-components-api/src/main/resources"/>
<classpathentry kind="src"
path="core-components-api/src/test/java"/>
- <classpathentry kind="src"
path="core-components-api/src/test/resources"/>
+ <classpathentry kind="src"
path="core-components-api/src/test/resources"/>
+ <classpathentry kind="src" path="agent/src/main/java"/>
+ <classpathentry kind="src" path="agent/src/main/resources"/>
+ <classpathentry kind="src" path="agent/src/test/java"/>
+ <classpathentry kind="src" path="agent/src/test/resources"/>
<classpathentry kind="src"
path="policy-server/src/main/java"/>
<classpathentry kind="src"
path="policy-server/src/main/resources"/>
<classpathentry kind="src"
path="policy-server/src/test/java"/>
Added: modules/authorization/trunk/agent/pom.xml
===================================================================
--- modules/authorization/trunk/agent/pom.xml (rev 0)
+++ modules/authorization/trunk/agent/pom.xml 2009-06-16 16:47:34 UTC (rev 13461)
@@ -0,0 +1,38 @@
+<project
xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>jboss-authz-parent</artifactId>
+ <version>trunk-SNAPSHOT</version>
+ <relativePath>../pom.xml</relativePath>
+ </parent>
+
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>agent</artifactId>
+ <packaging>jar</packaging>
+ <name>JBoss Authorization Client Side Agent</name>
+ <url>http://www.jboss.org</url>
+ <description>Represents the Agent that lives on the Client Side along with the
Application being secured</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>common-api</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.security.authz</groupId>
+ <artifactId>core-components-api</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <!-- jboss microcontainer -->
+ <dependency>
+ <groupId>org.jboss.microcontainer</groupId>
+ <artifactId>jboss-kernel</artifactId>
+ </dependency>
+ <!-- jboss xacml -->
+ <dependency>
+ <groupId>org.jboss.security</groupId>
+ <artifactId>jboss-xacml</artifactId>
+ </dependency>
+ </dependencies>
+</project>
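Review bot: The dependency list does not declare log4j, yet `RuleComposition`, `RuleDeclarationRepository` and `TargetComposition`, all added to this module, import `org.apache.log4j.Logger`. The module presumably compiles only because log4j arrives transitively through `common-api` or `core-components-api`. Declare it directly with `<dependency><groupId>log4j</groupId><artifactId>log4j</artifactId></dependency>`, taking the version from the parent's dependency management if it is managed there, so an upstream change cannot break the build or silently switch the logging version. The `jboss-kernel` and `jboss-xacml` entries carry no `<version>`, which is fine only if the parent POM manages them; that is not visible in this hunk.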
Copied: modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent
(from rev 13459,
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/agent)
Property changes on:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent
___________________________________________________________________
Name: svn:mergeinfo
+
Copied:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/ComponentRepository.java
(from rev 13459,
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/ComponentRepository.java)
===================================================================
---
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/ComponentRepository.java
(rev 0)
+++
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/ComponentRepository.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -0,0 +1,64 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.services;
+
+import java.util.Map;
+
+import org.jboss.security.authz.component.Component;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class ComponentRepository
+{
+ private Map<String, Component> registeredComponents;
+
+ public ComponentRepository()
+ {
+
+ }
+
+ public void start()
+ {
+
+ }
+
+ public void stop()
+ {
+
+ }
+ //-----------Repository Access related
services----------------------------------------------------------------------------------------------------------------------------------------------------------
+ public void register(String name, Component component)
+ {
+ this.registeredComponents.put(name, component);
+ }
+
+ public Component getComponent(String name)
+ {
+ return this.registeredComponents.get(name);
+ }
+
+ public void unregister(String name)
+ {
+ this.registeredComponents.remove(name);
+ }
+}
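Review bot: `registeredComponents` is declared but never assigned in the visible class, since the constructor and `start()` are both empty, so `register`, `getComponent` and `unregister` will each throw a NullPointerException on first use. Initialise it where the lifecycle starts, as `RuleDeclarationRepository.start()` in this same commit does for its set: `this.registeredComponents = new HashMap<String, Component>();` (plus `import java.util.HashMap;`). If components can be registered from more than one thread, which is not visible here, a `ConcurrentHashMap` would be the safer choice. `register` also silently replaces an existing entry with the same name; for a repository that feeds authorization decisions it is worth rejecting duplicates or at least logging the replacement.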
Property changes on:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/ComponentRepository.java
___________________________________________________________________
Name: svn:mergeinfo
+
Copied:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/PolicyComposer.java
(from rev 13459,
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/PolicyComposer.java)
===================================================================
---
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/PolicyComposer.java
(rev 0)
+++
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/PolicyComposer.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -0,0 +1,30 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.services;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class PolicyComposer
+{
+
+}
Property changes on:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/PolicyComposer.java
___________________________________________________________________
Name: svn:mergeinfo
+
Copied:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposer.java
(from rev 13459,
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleComposer.java)
===================================================================
---
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposer.java
(rev 0)
+++
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposer.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -0,0 +1,30 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.services;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class RuleComposer
+{
+
+}
Property changes on:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposer.java
___________________________________________________________________
Name: svn:mergeinfo
+
Copied:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposition.java
(from rev 13459,
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleComposition.java)
===================================================================
---
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposition.java
(rev 0)
+++
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposition.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -0,0 +1,210 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.services;
+
+import java.lang.reflect.Method;
+import java.lang.annotation.Annotation;
+import java.util.Set;
+import java.util.HashSet;
+
+import org.apache.log4j.Logger;
+
+import org.jboss.security.authz.component.LogicExpression;
+import org.jboss.security.authz.model.Rule;
+import org.jboss.security.authz.model.Expression;
+import org.jboss.security.authz.model.Effect;
+import org.jboss.security.authz.model.Target;
+import org.jboss.security.authz.model.DroolsRuleExpression;
+import org.jboss.security.authz.tools.GeneralTool;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class RuleComposition
+{
+ private static Logger log = Logger.getLogger(RuleComposition.class);
+
+ private Object targetComponent;
+ private Object logicComponent;
+ private String expressionName;
+ private Effect effect;
+
+ public RuleComposition()
+ {
+
+ }
+
+ public Object getTargetComponent()
+ {
+ return targetComponent;
+ }
+
+ public void setTargetComponent(Object targetComponent)
+ {
+ this.targetComponent = targetComponent;
+ }
+
+ public Object getLogicComponent()
+ {
+ return logicComponent;
+ }
+
+ public void setLogicComponent(Object logicComponent)
+ {
+ this.logicComponent = logicComponent;
+ }
+
+ public Effect getEffect()
+ {
+ return effect;
+ }
+
+ public void setEffect(Effect effect)
+ {
+ this.effect = effect;
+ }
+
+ public String getExpressionName()
+ {
+ return expressionName;
+ }
+
+ public void setExpressionName(String expressionName)
+ {
+ this.expressionName = expressionName;
+ }
+ //----------------------------------------------------------------------------------------------------------------------------------------------------------------
+ public Set<Rule> compose()
+ {
+ if(this.effect == null)
+ {
+ throw new IllegalStateException("Effect is missing!!");
+ }
+
+ if(this.expressionName != null)
+ {
+ if(this.logicComponent == null)
+ {
+ throw new IllegalStateException("Logic Component is missing!!");
+ }
+ }
+
+ try
+ {
+ Set<Rule> rules = new HashSet<Rule>();
+
+ Rule rule = new Rule();
+
+ rule.setRuleId(GeneralTool.generateUniqueId());
+ rule.setEffect(this.effect);
+
+ //Generate the Target for this rule
+ Set<Target> impliedActions = new HashSet<Target>();
+ if(this.targetComponent != null)
+ {
+ TargetComposition targetComposition = new TargetComposition();
+ targetComposition.setTargetComponent(this.targetComponent);
+ rule.setTarget(targetComposition.compose());
+
+ Set<Target> cour = targetComposition.composeImpliedTargets();
+ if(cour != null && !cour.isEmpty())
+ {
+ impliedActions.addAll(cour);
+ }
+ }
+
+ //Generate the Logic Expression of this rule
+ if(this.expressionName != null)
+ {
+ rule.setExpression(this.generateExpression());
+ }
+
+ rules.add(rule);
+
+ //Add any implied actions
+ if(impliedActions != null && !impliedActions.isEmpty())
+ {
+ for(Target impliedAction: impliedActions)
+ {
+ Rule impliedRule = new Rule();
+
+ impliedRule.setRuleId(GeneralTool.generateUniqueId());
+ impliedRule.setEffect(rule.getEffect());
+ impliedRule.setExpression(rule.getExpression());
+ impliedRule.setTarget(impliedAction);
+
+ rules.add(impliedRule);
+ }
+ }
+
+ return rules;
+ }
+ catch(Exception e)
+ {
+ //TODO: handle this properly
+ log.error(this, e);
+ throw new RuntimeException(e);
+ }
+ }
+ //----------------------------------------------------------------------------------------------------------------------------------------------------------------
+ private Expression generateExpression() throws Exception
+ {
+ DroolsRuleExpression expression = new DroolsRuleExpression();
+
+ //Read the LogicExpression of the Logic Component
+ Method expressionMethod = this.findExpression(this.logicComponent.getClass(),
this.expressionName);
+ expressionMethod.setAccessible(true);
+
+ String[] expressionMetaData = (String[])expressionMethod.invoke(this.logicComponent,
null);
+
+ expression.setRuleReference(expressionMetaData[0]);
+ expression.setRule(expressionMetaData[1]);
+
+ return expression;
+ }
+
+ private Method findExpression(Class targetClass, String expressionName)
+ {
+ Method[] declaredMethods = targetClass.getDeclaredMethods();
+ if(declaredMethods != null)
+ {
+ for(Method declaredMethod: declaredMethods)
+ {
+ Annotation logicExpression = declaredMethod.getAnnotation(LogicExpression.class);
+ if(logicExpression != null)
+ {
+ if(declaredMethod.getName().equals(expressionName))
+ {
+ return declaredMethod;
+ }
+ }
+ }
+ }
+
+ if(targetClass.getSuperclass() != null)
+ {
+ return this.findExpression(targetClass.getSuperclass(), expressionName);
+ }
+
+ return null;
+ }
+}
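Review bot: `generateExpression()` dereferences the result of `findExpression(...)` without a null check, although `findExpression` returns null when no `@LogicExpression` method with the configured name exists. A mistyped `expressionName` therefore surfaces as a bare NullPointerException wrapped in `RuntimeException`. Fail with a clear message, e.g. `if(expressionMethod == null) throw new IllegalStateException("No @LogicExpression method named " + this.expressionName);`, and check that the returned array has two elements before reading `expressionMetaData[0]` and `expressionMetaData[1]`. Separately, `compose()` accepts a null `targetComponent` and then emits a rule with an effect (and optionally an expression) but no target. If a target-less rule is treated as matching every request, as is usual in XACML, a permit composition with a missing target becomes far broader than intended, so it may be worth rejecting that state or documenting that it is deliberate.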
Property changes on:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleComposition.java
___________________________________________________________________
Name: svn:mergeinfo
+
Copied:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleDeclarationRepository.java
(from rev 13459,
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleDeclarationRepository.java)
===================================================================
---
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleDeclarationRepository.java
(rev 0)
+++
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleDeclarationRepository.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -0,0 +1,65 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.services;
+
+import java.util.Set;
+import java.util.HashSet;
+
+import org.apache.log4j.Logger;
+import org.jboss.security.authz.component.ComponentMarker;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class RuleDeclarationRepository
+{
+ private static Logger log = Logger.getLogger(RuleDeclarationRepository.class);
+
+ private Set<ComponentMarker> components;
+
+ public RuleDeclarationRepository()
+ {
+ }
+
+ public void start()
+ {
+ this.components = new HashSet<ComponentMarker>();
+ log.info("-------------------------------------------------------------------");
+ log.info("RuleDeclarationRepository successfully
started.....................");
+ log.info("-------------------------------------------------------------------");
+ }
+
+ public void stop()
+ {
+
+ }
+
+ public void register(ComponentMarker component)
+ {
+ this.components.add(component);
+
+ log.debug("--------------------------------------------------------------");
+ log.debug(component.getClass()+" was successfully registered.............");
+ log.debug("--------------------------------------------------------------");
+ }
+ //---------------------------------------------------------------------------------------------------------------------------------------------------------------
+}
Property changes on:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/RuleDeclarationRepository.java
___________________________________________________________________
Name: svn:mergeinfo
+
Copied:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java
(from rev 13459,
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/TargetComposition.java)
===================================================================
---
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java
(rev 0)
+++
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -0,0 +1,222 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+package org.jboss.security.authz.agent.services;
+
+import java.lang.annotation.Annotation;
+import java.lang.reflect.Field;
+import java.util.Set;
+import java.util.HashSet;
+
+import org.apache.log4j.Logger;
+
+import org.jboss.security.authz.component.Component;
+import org.jboss.security.authz.component.ComponentCategory;
+import org.jboss.security.authz.component.ImpliedActions;
+import org.jboss.security.authz.component.TargetUri;
+import org.jboss.security.authz.model.Target;
+import org.jboss.security.authz.model.Attribute;
+import org.jboss.security.authz.model.AttributeExpression;
+import org.jboss.security.xacml.interfaces.XACMLConstants;
+import org.jboss.security.xacml.interfaces.XMLSchemaConstants;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class TargetComposition
+{
+ private static Logger log = Logger.getLogger(TargetComposition.class);
+
+ private Object targetComponent;
+
+ public TargetComposition()
+ {
+
+ }
+
+ public Object getTargetComponent()
+ {
+ return targetComponent;
+ }
+
+ public void setTargetComponent(Object targetComponent)
+ {
+ this.targetComponent = targetComponent;
+ }
+ //------------------------------------------------------------------------------------------------------------------------------------------------------------------
+ public Target compose()
+ {
+ if(this.targetComponent == null)
+ {
+ throw new IllegalStateException("Target Component is null!!");
+ }
+
+ try
+ {
+ Target mainTarget = this.generateTarget();
+ return mainTarget;
+ }
+ catch(Exception e)
+ {
+ //TODO: handle this properly
+ log.error(this, e);
+ throw new RuntimeException(e);
+ }
+ }
+
+ public Set<Target> composeImpliedTargets()
+ {
+ try
+ {
+ Set<Target> impliedTargets = new HashSet<Target>();
+
+ String[] impliedActions = this.findImpliedActions(this.targetComponent.getClass());
+ if(impliedActions != null)
+ {
+ for(String impliedAction: impliedActions)
+ {
+ //TODO: Find the Action Component from the repository
+ Object impliedActionComponent = null;
+ if(impliedAction.equals("read"))
+ {
+ impliedActionComponent =
Thread.currentThread().getContextClassLoader().loadClass("org.jboss.security.authz.components.action.Read").newInstance();
+ }
+ else if(impliedAction.equals("write"))
+ {
+ impliedActionComponent =
Thread.currentThread().getContextClassLoader().loadClass("org.jboss.security.authz.components.action.Write").newInstance();
+ }
+
+ //Compose this action target
+ TargetComposition comp = new TargetComposition();
+ comp.setTargetComponent(impliedActionComponent);
+ impliedTargets.add(comp.compose());
+ }
+ }
+
+ return impliedTargets;
+ }
+ catch(Exception e)
+ {
+ //TODO: handle this properly
+ log.error(this, e);
+ throw new RuntimeException(e);
+ }
+ }
+ //----------------------------------------------------------------------------------------------------------------------------------------------------------------
+ private Target generateTarget() throws Exception
+ {
+ Target target = new Target();
+
+ //Read the TargetUri
+ Field targetField = this.findTargetField(this.targetComponent.getClass());
+ targetField.setAccessible(true);
+ Object targetUriObj = targetField.get(this.targetComponent);
+
+ //Get a String representation of this URI
+ String uriStr = targetUriObj.toString();
+
+ //use the proper category for the data
+ ComponentCategory category =
this.findComponentCategory(this.targetComponent.getClass());
+ String attributeCategory = category.getAttributeCategory();
+
+ AttributeExpression urlExpression = new AttributeExpression();
+ if (uriStr.charAt(0) == '/' && uriStr.endsWith("/*"))
+ {
+ // If URL starts with '/' and ends with "/*", use a regular
+ // expression to match it (In consistency with the servlet spec)
+ urlExpression
+ .setFunctionId(XACMLConstants.FUNCTION_REGEXP_STRING_MATCH);
+
+ String uriexp = uriStr.substring(1, uriStr.length() - 2);
+ StringBuilder buffer = new StringBuilder();
+ buffer.append("^/" + uriexp + "$|");
+ buffer.append("^" + uriexp + "$|");
+ buffer.append("^/" + uriexp + "/.*|");
+ buffer.append("^" + uriexp + "/.*");
+
+ Attribute attribute = new Attribute(
+ attributeCategory,
+ XMLSchemaConstants.DATATYPE_STRING, buffer.toString());
+ urlExpression.setAttribute(attribute);
+ }
+ else
+ {
+ // use an exact match
+ urlExpression.setFunctionId(XACMLConstants.FUNCTION_STRING_EQUAL);
+
+ Attribute attribute = new Attribute(
+ attributeCategory,
+ XMLSchemaConstants.DATATYPE_STRING, uriStr);
+ urlExpression.setAttribute(attribute);
+ }
+
+ //Depending up the data category add the appropriate match expression
+ category.setExpression(target, urlExpression);
+
+ return target;
+ }
+
+ private ComponentCategory findComponentCategory(Class targetClass)
+ {
+ Annotation component = targetClass.getAnnotation(Component.class);
+ if(component != null)
+ {
+ return ((Component)component).category();
+ }
+
+ return null;
+ }
+
+ private String[] findImpliedActions(Class targetClass)
+ {
+ Annotation impliedActions = targetClass.getAnnotation(ImpliedActions.class);
+ if(impliedActions != null)
+ {
+ return ((ImpliedActions)impliedActions).value();
+ }
+
+ return null;
+ }
+
+ private Field findTargetField(Class targetClass)
+ {
+ Field[] declaredFields = targetClass.getDeclaredFields();
+ if(declaredFields != null)
+ {
+ for(Field declaredField: declaredFields)
+ {
+ Annotation targetUri = declaredField.getAnnotation(TargetUri.class);
+ if(targetUri != null)
+ {
+ return declaredField;
+ }
+ }
+ }
+
+ //If I get here, query the super class
+ if(targetClass.getSuperclass() != null)
+ {
+ return this.findTargetField(targetClass.getSuperclass());
+ }
+
+ return null;
+ }
+}
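Review bot: In `generateTarget()` the wildcard branch interpolates `uriexp` unescaped into the pattern used with `FUNCTION_REGEXP_STRING_MATCH`, so regex metacharacters in a target URI (`.`, `+`, `(`, `|`) are read as pattern syntax and the target can match paths other than the declared prefix. Escape the literal part before the four `buffer.append(...)` calls, using whatever quoting the XACML engine's regular-expression dialect accepts; `java.util.regex.Pattern.quote(uriexp)` applies only if the engine evaluates Java patterns, which is not visible here. The same method also dereferences `findTargetField(...)`, `findComponentCategory(...)` and `targetUriObj` without null checks and calls `uriStr.charAt(0)` on a possibly empty string, so a component missing `@TargetUri` or `@Component` fails with an unexplained exception. In `composeImpliedTargets()`, any `@ImpliedActions` value other than "read" or "write" leaves `impliedActionComponent` null and is caught only by the "Target Component is null!!" check in `compose()`; an explicit `else` that names the unsupported action would make this diagnosable.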
Property changes on:
modules/authorization/trunk/agent/src/main/java/org/jboss/security/authz/agent/services/TargetComposition.java
___________________________________________________________________
Name: svn:mergeinfo
+
Copied: modules/authorization/trunk/agent/src/main/resources/META-INF (from rev 13459,
modules/authorization/trunk/core-components-api/src/main/resources/META-INF)
Property changes on: modules/authorization/trunk/agent/src/main/resources/META-INF
___________________________________________________________________
Name: svn:mergeinfo
+
Copied: modules/authorization/trunk/agent/src/main/resources/authz-components.xml (from
rev 13459,
modules/authorization/trunk/core-components-api/src/main/resources/authz-components.xml)
===================================================================
--- modules/authorization/trunk/agent/src/main/resources/authz-components.xml
(rev 0)
+++ modules/authorization/trunk/agent/src/main/resources/authz-components.xml 2009-06-16
16:47:34 UTC (rev 13461)
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<components>
+ <!--
+ TODO: Just for prototyping the Component Contract. Eventually the method of
configuration will be POJO components with Annotations
+ -->
+ <target-component name="uri" category="resource"
class="org.jboss.security.authz.components.resource.URIResource">
+ <target-uri>uniqueUri</target-uri>
+ </target-component>
+
+ <target-component name="operation" category="action"
class="org.jboss.security.authz.components.action.Operation">
+ <target-uri>name</target-uri>
+ </target-component>
+
+ <target-component name="read" category="action"
class="org.jboss.security.authz.components.action.Read">
+ <target-uri>name</target-uri>
+ </target-component>
+
+ <target-component name="write" category="action"
class="org.jboss.security.authz.components.action.Write">
+ <target-uri>name</target-uri>
+ </target-component>
+
+ <target-component name="manage" category="action"
class="org.jboss.security.authz.components.action.Manage">
+ <target-uri>name</target-uri>
+ </target-component>
+
+ <logic-component name="identity" category="subject"
class="org.jboss.security.authz.components.subject.Identity">
+ <target-uri>uri</target-uri>
+ <logic-data>
+ <data>name</data>
+ </logic-data>
+ </logic-component>
+
+ <logic-component name="roles" category="subject"
class="org.jboss.security.authz.components.subject.Roles">
+ <target-uri></target-uri>
+ <logic-data>
+ <data>names</data>
+ </logic-data>
+ <logic-expressions>
+ <expression>allowExpression</expression>
+ <expression>denyExpression</expression>
+ </logic-expressions>
+ </logic-component>
+
+
+ <!--
+ Core Rule Compositions shipped with the framework. These can be re-used and more
compositions can be added
+ depending upon Application/Profile Requirements
+ -->
+ <rule-composition name="permitIdentity" outcome="permit">
+ <target-component>identity</target-component>
+ </rule-composition>
+
+ <rule-composition name="denyIdentity" outcome="deny">
+ <target-component>identity</target-component>
+ </rule-composition>
+
+ <rule-composition name="permitRole" outcome="permit">
+ <target-component>operation</target-component>
+ <logic-component
expression="allowExpression">roles</logic-component>
+ </rule-composition>
+
+ <rule-composition name="denyRole" outcome="deny">
+ <target-component>operation</target-component>
+ <logic-component
expression="denyExpression">roles</logic-component>
+ </rule-composition>
+</components>
\ No newline at end of file
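Review bot: The `permitIdentity` and `denyIdentity` compositions name `identity` inside `<target-component>`, but `identity` is declared above as a `<logic-component>`; only `uri`, `operation`, `read`, `write` and `manage` are declared as target components. The loader is not part of this hunk, so it is unclear whether such a reference resolves, is ignored, or fails. If it is dropped silently, the resulting permit rule would carry no target at all. The `roles` component also has an empty `<target-uri></target-uri>`. I would either reference `identity` the way `permitRole` references `roles`, or add a comment such as `<!-- identity is a logic-component that also serves as the rule target -->`, and have the loader reject names it cannot resolve.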
Property changes on:
modules/authorization/trunk/agent/src/main/resources/authz-components.xml
___________________________________________________________________
Name: svn:mergeinfo
+
Copied:
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services
(from rev 13459,
modules/authorization/trunk/core-components-api/src/test/java/org/jboss/security/authz/components/repository)
Property changes on:
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services
___________________________________________________________________
Name: svn:mergeinfo
+
Modified:
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestConfiguration.java
===================================================================
---
modules/authorization/trunk/core-components-api/src/test/java/org/jboss/security/authz/components/repository/TestConfiguration.java 2009-06-16
11:32:25 UTC (rev 13459)
+++
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestConfiguration.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -19,7 +19,7 @@
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
*/
-package org.jboss.security.authz.components.repository;
+package org.jboss.security.authz.agent.services;
import java.io.InputStream;
@@ -28,8 +28,8 @@
import org.apache.log4j.Logger;
import org.jboss.security.authz.tools.GeneralTool;
-import org.jboss.security.authz.component.ComponentRepository;
import org.jboss.security.authz.agent.Agent;
+import org.jboss.security.authz.agent.services.ComponentRepository;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
Modified:
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestPolicyComposition.java
===================================================================
---
modules/authorization/trunk/core-components-api/src/test/java/org/jboss/security/authz/components/repository/TestPolicyComposition.java 2009-06-16
11:32:25 UTC (rev 13459)
+++
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/services/TestPolicyComposition.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -19,7 +19,7 @@
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
*/
-package org.jboss.security.authz.components.repository;
+package org.jboss.security.authz.agent.services;
import java.util.Set;
import java.util.HashSet;
@@ -35,15 +35,15 @@
import org.jboss.security.authz.model.Target;
import org.jboss.security.authz.model.Rule;
+import org.jboss.security.authz.agent.services.RuleComposition;
+import org.jboss.security.authz.agent.services.TargetComposition;
import org.jboss.security.authz.components.subject.Identity;
import org.jboss.security.authz.components.subject.Roles;
import org.jboss.security.authz.components.action.Read;
import org.jboss.security.authz.components.action.Manage;
import org.jboss.security.authz.components.resource.URIResource;
-import org.jboss.security.authz.component.RuleComposition;
-import org.jboss.security.authz.component.TargetComposition;
-import org.jboss.security.authz.test.MockPolicy;
+import org.jboss.security.authz.agent.test.MockPolicy;
/**
* @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
Added:
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/test/MockPolicy.java
===================================================================
---
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/test/MockPolicy.java
(rev 0)
+++
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/test/MockPolicy.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -0,0 +1,276 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.agent.test;
+
+import java.util.List;
+import java.util.Set;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.util.UUID;
+
+import javax.xml.bind.JAXBElement;
+
+import org.jboss.security.authz.model.Policy;
+import org.jboss.security.authz.model.PolicyMetaData;
+import org.jboss.security.authz.model.Rule;
+import org.jboss.security.authz.model.Effect;
+import org.jboss.security.authz.model.PolicyException;
+import org.jboss.security.authz.model.AttributeExpression;
+import org.jboss.security.authz.model.DroolsRuleExpression;
+import org.jboss.security.authz.model.Expression;
+import org.jboss.security.authz.xacml.AttributeDesignatorUtil;
+import org.jboss.security.authz.xacml.PolicyUtil;
+
+import org.jboss.security.xacml.core.model.policy.ActionMatchType;
+import org.jboss.security.xacml.core.model.policy.SubjectMatchType;
+import org.jboss.security.xacml.core.model.policy.ApplyType;
+import org.jboss.security.xacml.core.model.policy.VariableReferenceType;
+import org.jboss.security.xacml.core.model.policy.EffectType;
+import org.jboss.security.xacml.core.model.policy.PolicyType;
+import org.jboss.security.xacml.core.model.policy.ResourceMatchType;
+import org.jboss.security.xacml.core.model.policy.ResourcesType;
+import org.jboss.security.xacml.core.model.policy.ResourceType;
+import org.jboss.security.xacml.core.model.policy.ActionsType;
+import org.jboss.security.xacml.core.model.policy.ActionType;
+import org.jboss.security.xacml.core.model.policy.SubjectsType;
+import org.jboss.security.xacml.core.model.policy.SubjectType;
+import org.jboss.security.xacml.core.model.policy.RuleType;
+import org.jboss.security.xacml.core.model.policy.TargetType;
+import org.jboss.security.xacml.core.model.policy.ConditionType;
+import org.jboss.security.xacml.core.model.policy.ObjectFactory;
+import org.jboss.security.xacml.core.model.policy.AttributeValueType;
+import org.jboss.security.xacml.core.model.policy.SubjectAttributeDesignatorType;
+import org.jboss.security.xacml.factories.PolicyAttributeFactory;
+
+/**
+ * Used for specifying policies for Resources represented by unique URIs, sometimes
forming a tree like relationship with other Resources in the system
+ *
+ * An example of such resources would be tree of resources/nodes in a Content Management
System
+ *
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class MockPolicy extends Policy
+{
+
+ public MockPolicy(String policyUri, PolicyMetaData metaData) throws PolicyException
+ {
+ super(policyUri, metaData);
+ }
+
+
+ @Override
+ public String generateSystemPolicy() throws PolicyException
+ {
+ ByteArrayOutputStream bos = null;
+ try
+ {
+ String xacmlXml = null;
+
+ //SetUp the Policy Header
+ ObjectFactory objectFactory = new ObjectFactory();
+ PolicyType policyType = new PolicyType();
+ policyType.setPolicyId(this.policyUri);
+ policyType.setVersion("2.0");
+ policyType.setRuleCombiningAlgId(new
NoPermitMeansDeniedAlg().getIdentifier().toString());
+
+ TargetType targetType = new TargetType();
+ policyType.setTarget(targetType);
+
+ //Process Resource Matches as Targets for the Policy
+ List<AttributeExpression> resourceMatches =
this.metaData.getTarget().getResourceMatches();
+ if(resourceMatches != null && !resourceMatches.isEmpty())
+ {
+ ResourcesType resourcesType = new ResourcesType();
+ targetType.setResources(resourcesType);
+ ResourceType resourceType = new ResourceType();
+
+ for(AttributeExpression resourceMatch: resourceMatches)
+ {
+ ResourceMatchType rmt = new ResourceMatchType();
+
+ rmt.setMatchId(resourceMatch.getFunctionId());
+
rmt.setResourceAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(resourceMatch.getAttribute(),
true));
+ rmt.setAttributeValue(PolicyAttributeFactory
+ .createStringAttributeType(resourceMatch.getAttribute().getValue()));
+
+ resourceType.getResourceMatch().add(rmt);
+ }
+
+ resourcesType.getResource().add(resourceType);
+ }
+
+ //Process the Policy Rules
+ Set<Rule> rules = this.metaData.getRules();
+ if(rules != null && !rules.isEmpty())
+ {
+ for(Rule rule: rules)
+ {
+ RuleType ruleType = new RuleType();
+ ruleType.setRuleId(rule.getRuleId());
+ if(rule.getEffect() == Effect.PERMIT)
+ {
+ ruleType.setEffect(EffectType.PERMIT);
+ }
+ else
+ {
+ ruleType.setEffect(EffectType.DENY);
+ }
+
+ //Process the Rule Target
+ if(rule.getTarget() != null)
+ {
+ List<AttributeExpression> actionMatches =
rule.getTarget().getActionMatches();
+ List<AttributeExpression> subjectMatches =
rule.getTarget().getSubjectMatches();
+ TargetType ruleTarget = new TargetType();
+
+ if(actionMatches != null && !actionMatches.isEmpty())
+ {
+ ruleTarget.setActions(this.generateRuleActions(actionMatches));
+ }
+
+ if(subjectMatches != null && !subjectMatches.isEmpty())
+ {
+ ruleTarget.setSubjects(this.generateRuleSubjects(subjectMatches));
+ }
+
+ ruleType.setTarget(ruleTarget);
+ }
+
+ //Process the Rule Expression/Condition
+ ConditionType condition = this.generateCondition(objectFactory,
rule.getExpression());
+ ruleType.setCondition(condition);
+
+
policyType.getCombinerParametersOrRuleCombinerParametersOrVariableDefinition().add(ruleType);
+ }
+ }
+
+ bos = new ByteArrayOutputStream();
+ PolicyUtil.marshall(bos, policyType);
+ xacmlXml = new String(bos.toByteArray());
+
+ return xacmlXml;
+ }
+ catch(Exception e)
+ {
+ throw new PolicyException(e);
+ }
+ finally
+ {
+ if(bos != null)
+ {
+ try{bos.close();}catch(IOException ioe){}
+ }
+ }
+ }
+
+ private ActionsType generateRuleActions(List<AttributeExpression>
actionMatches)
+ {
+ ActionsType actions = new ActionsType();
+
+ for(AttributeExpression action: actionMatches)
+ {
+ ActionType actionType = new ActionType();
+ ActionMatchType amct = new ActionMatchType();
+ amct.setMatchId(action.getFunctionId());
+
amct.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(action.getAttribute().getValue()));
+
amct.setActionAttributeDesignator(AttributeDesignatorUtil.getAttributeDesignator(action.getAttribute(),
true));
+ actionType.getActionMatch().add(amct);
+ actions.getAction().add(actionType);
+ }
+
+ return actions;
+ }
+
+ private SubjectsType generateRuleSubjects(List<AttributeExpression>
subjectMatches)
+ {
+ SubjectsType subjects = new SubjectsType();
+
+ for(AttributeExpression subject: subjectMatches)
+ {
+ SubjectType subjectType = new SubjectType();
+ SubjectMatchType match = new SubjectMatchType();
+ match.setMatchId(subject.getFunctionId());
+
match.setAttributeValue(PolicyAttributeFactory.createStringAttributeType(subject.getAttribute().getValue()));
+
match.setSubjectAttributeDesignator((SubjectAttributeDesignatorType)AttributeDesignatorUtil.getAttributeDesignator(subject.getAttribute(),
true));
+ subjectType.getSubjectMatch().add(match);
+ subjects.getSubject().add(subjectType);
+ }
+
+ return subjects;
+ }
+
+ /**
+ *
+ * @param expression
+ * @return
+ */
+ private ConditionType generateCondition(ObjectFactory objectFactory, Expression
expression)
+ {
+ ConditionType condition = new ConditionType();
+
+ if(expression instanceof AttributeExpression)
+ {
+ AttributeExpression attributeExpression = (AttributeExpression)expression;
+
+ //Function to be applied
+ ApplyType apply = new ApplyType();
+ apply.setFunctionId(attributeExpression.getFunctionId());
+
+ //Value to check against
+ AttributeValueType attrValue =
PolicyAttributeFactory.createStringAttributeType(attributeExpression.getAttribute().getValue());
+ JAXBElement<AttributeValueType> jaxbAttrValue =
objectFactory.createAttributeValue(attrValue);
+ apply.getExpression().add(jaxbAttrValue);
+
+ //Place within the Context where this Value should exist during an Authorization
Request
+
apply.getExpression().add(AttributeDesignatorUtil.getAttributeDesignatorXml(attributeExpression.getAttribute(),
true));
+
+
+ condition.setExpression(objectFactory.createApply(apply));
+ }
+ else if(expression instanceof DroolsRuleExpression)
+ {
+ DroolsRuleExpression ruleExpression = (DroolsRuleExpression)expression;
+
+ //Function to be applied
+ ApplyType apply = new ApplyType();
+ apply.setFunctionId(ruleExpression.getFunctionId());
+
+
+ VariableReferenceType ruleReference = new VariableReferenceType();
+ ruleReference.setVariableId(ruleExpression.getRuleReference());
+ JAXBElement<VariableReferenceType> jaxbRuleReference =
objectFactory.createVariableReference(ruleReference);
+ apply.getExpression().add(jaxbRuleReference);
+
+
+ condition.setExpression(objectFactory.createApply(apply));
+ }
+
+ return condition;
+ }
+
+ private String generateUniqueId()
+ {
+ return UUID.randomUUID().toString();
+ }
+}
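Review bot: `generateCondition` returns an empty `ConditionType` when `rule.getExpression()` is null or is neither an `AttributeExpression` nor a `DroolsRuleExpression`, and `generateSystemPolicy` sets that result on every rule unconditionally. How the XACML engine treats a `<Condition>` with no expression is not visible here, but for a permit rule an unrecognised expression type should not degrade into "no condition". I would start the method with `if(expression == null) return null;` and end the chain with `else { throw new IllegalArgumentException("Unsupported expression type: " + expression.getClass().getName()); }`, which the existing `catch(Exception e)` wraps in a `PolicyException`. Separately, `new String(bos.toByteArray())` decodes with the platform default charset, so the `String` constructor should be given the encoding `PolicyUtil.marshall` writes. The private `generateUniqueId()` is unused in this file.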
Added:
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/test/NoPermitMeansDeniedAlg.java
===================================================================
---
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/test/NoPermitMeansDeniedAlg.java
(rev 0)
+++
modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/test/NoPermitMeansDeniedAlg.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -0,0 +1,83 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.security.authz.agent.test;
+
+import java.util.List;
+import java.util.Iterator;
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import org.jboss.security.xacml.sunxacml.combine.RuleCombiningAlgorithm;
+import org.jboss.security.xacml.sunxacml.EvaluationCtx;
+import org.jboss.security.xacml.sunxacml.ctx.Result;
+import org.jboss.security.xacml.sunxacml.Rule;
+import org.jboss.security.xacml.sunxacml.combine.RuleCombinerElement;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ *
+ */
+public class NoPermitMeansDeniedAlg extends RuleCombiningAlgorithm
+{
+ /**
+ *
+ * @throws URISyntaxException
+ */
+ public NoPermitMeansDeniedAlg() throws URISyntaxException
+ {
+ super(new URI("rule-combining-alg:nopermit-means-denied"));
+ }
+
+ /**
+ *
+ * @param context
+ * @param rules
+ * @return
+ */
+ public Result combine(EvaluationCtx context, List parameters, List ruleElements)
+ {
+ Result result = new Result(Result.DECISION_PERMIT);
+
+ Iterator rules = ruleElements.iterator();
+ boolean permitFound = false;
+ while(rules.hasNext())
+ {
+ RuleCombinerElement ruleCombinerElement = (RuleCombinerElement)rules.next();
+ Rule rule = ruleCombinerElement.getRule();
+ Result currentResult = rule.evaluate(context);
+
+ if(currentResult.getDecision() == Result.DECISION_PERMIT)
+ {
+ permitFound = true;
+ break;
+ }
+ }
+
+ if(!permitFound)
+ {
+ result = new Result(Result.DECISION_DENY);
+ }
+
+ return result;
+ }
+}
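Review bot: `combine` stops at the first rule that evaluates to `DECISION_PERMIT` and never looks at `DECISION_DENY`, so an explicit deny rule cannot veto a permit from another rule and behaves exactly like a rule that does not apply. That matters because `authz-components.xml` in this same commit ships `denyIdentity` and `denyRole` compositions, which under this algorithm only take effect when no rule permits. If that is the intent, state it in the class Javadoc, e.g. `Permit if any rule permits; otherwise Deny. Deny, NotApplicable and Indeterminate results are treated alike.` The returned `new Result(Result.DECISION_PERMIT)` also discards `currentResult`, including anything else the matching rule's result carried. The Javadoc on `combine` names `@param rules`, while the actual parameters are `parameters` and `ruleElements`.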
Added: modules/authorization/trunk/agent/src/test/resources/log4j.properties
===================================================================
--- modules/authorization/trunk/agent/src/test/resources/log4j.properties
(rev 0)
+++ modules/authorization/trunk/agent/src/test/resources/log4j.properties 2009-06-16
16:47:34 UTC (rev 13461)
@@ -0,0 +1,8 @@
+# Set root category priority to INFO and its only appender to CONSOLE.
+log4j.rootCategory=DEBUG, CONSOLE
+
+# CONSOLE is set to be a ConsoleAppender using a PatternLayout.
+log4j.appender.CONSOLE.Threshold=DEBUG
+log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
+log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout
+log4j.appender.CONSOLE.layout.ConversionPattern=- %m%n
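Review bot: The first comment says the root category is set to INFO, but the line below it sets `log4j.rootCategory=DEBUG, CONSOLE`, and the appender threshold is DEBUG as well. Either change the comment to `# Set root category priority to DEBUG and its only appender to CONSOLE.` or lower the level to INFO if debug output from the authorization tests is not wanted by default.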
Modified: modules/authorization/trunk/common-api/pom.xml
===================================================================
--- modules/authorization/trunk/common-api/pom.xml 2009-06-16 15:03:53 UTC (rev 13460)
+++ modules/authorization/trunk/common-api/pom.xml 2009-06-16 16:47:34 UTC (rev 13461)
@@ -18,12 +18,6 @@
<dependency>
<groupId>org.jboss.security</groupId>
<artifactId>jboss-xacml</artifactId>
- </dependency>
-
- <!-- jboss microcontainer -->
- <dependency>
- <groupId>org.jboss.microcontainer</groupId>
- <artifactId>jboss-kernel</artifactId>
- </dependency>
+ </dependency>
</dependencies>
</project>
Modified:
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/ComponentCategory.java
===================================================================
---
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/ComponentCategory.java 2009-06-16
15:03:53 UTC (rev 13460)
+++
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/ComponentCategory.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -32,12 +32,12 @@
{
RESOURCE
{
- String getAttributeCategory()
+ public String getAttributeCategory()
{
return XACMLConstants.ATTRIBUTEID_RESOURCE_ID;
}
- void setExpression(Target target,AttributeExpression expression)
+ public void setExpression(Target target,AttributeExpression expression)
{
target.addResourceMatch(expression);
}
@@ -46,12 +46,12 @@
SUBJECT
{
- String getAttributeCategory()
+ public String getAttributeCategory()
{
return XACMLConstants.ATTRIBUTEID_SUBJECT_ID;
}
- void setExpression(Target target, AttributeExpression expression)
+ public void setExpression(Target target, AttributeExpression expression)
{
target.addSubjectMatch(expression);
}
@@ -60,18 +60,18 @@
ACTION
{
- String getAttributeCategory()
+ public String getAttributeCategory()
{
return XACMLConstants.ATTRIBUTEID_ACTION_ID;
}
- void setExpression(Target target, AttributeExpression expression)
+ public void setExpression(Target target, AttributeExpression expression)
{
target.addActionMatch(expression);
}
};
//Define the enum behavior
- abstract String getAttributeCategory();
- abstract void setExpression(Target target, AttributeExpression expression);
+ public abstract String getAttributeCategory();
+ public abstract void setExpression(Target target, AttributeExpression expression);
}
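Review bot: The abstract declarations at the end of this hunk, `getAttributeCategory()` and `setExpression(Target, AttributeExpression)`, become public with no Javadoc, as do their overrides in the `-32,12` and `-46,12` hunks. Their names alone do not say what the constants do: `getAttributeCategory()` returns `XACMLConstants.ATTRIBUTEID_*_ID` values, which are attribute identifiers rather than categories, and `setExpression` appends to the target through `addResourceMatch`, `addSubjectMatch` or `addActionMatch` rather than setting anything. I would document them as `/** Returns the XACML attribute id used for matches of this category. */` and `/** Adds the expression to the target's match list for this category. */`. The enum declaration itself starts outside the hunk.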
Deleted:
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/ComponentRepository.java
===================================================================
---
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/ComponentRepository.java 2009-06-16
15:03:53 UTC (rev 13460)
+++
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/ComponentRepository.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -1,62 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.security.authz.component;
-
-import java.util.Map;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-public class ComponentRepository
-{
- private Map<String, Component> registeredComponents;
-
- public ComponentRepository()
- {
-
- }
-
- public void start()
- {
-
- }
-
- public void stop()
- {
-
- }
- //-----------Repository Access related
services----------------------------------------------------------------------------------------------------------------------------------------------------------
- public void register(String name, Component component)
- {
- this.registeredComponents.put(name, component);
- }
-
- public Component getComponent(String name)
- {
- return this.registeredComponents.get(name);
- }
-
- public void unregister(String name)
- {
- this.registeredComponents.remove(name);
- }
-}
Deleted:
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/PolicyComposer.java
===================================================================
---
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/PolicyComposer.java 2009-06-16
15:03:53 UTC (rev 13460)
+++
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/PolicyComposer.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -1,30 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.security.authz.component;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-public class PolicyComposer
-{
-
-}
Deleted:
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleComposer.java
===================================================================
---
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleComposer.java 2009-06-16
15:03:53 UTC (rev 13460)
+++
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleComposer.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -1,30 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.security.authz.component;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-public class RuleComposer
-{
-
-}
Deleted:
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleComposition.java
===================================================================
---
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleComposition.java 2009-06-16
15:03:53 UTC (rev 13460)
+++
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleComposition.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -1,209 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.security.authz.component;
-
-import java.lang.reflect.Method;
-import java.lang.annotation.Annotation;
-import java.util.Set;
-import java.util.HashSet;
-
-import org.apache.log4j.Logger;
-
-import org.jboss.security.authz.model.Rule;
-import org.jboss.security.authz.model.Expression;
-import org.jboss.security.authz.model.Effect;
-import org.jboss.security.authz.model.Target;
-import org.jboss.security.authz.model.DroolsRuleExpression;
-import org.jboss.security.authz.tools.GeneralTool;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-public class RuleComposition
-{
- private static Logger log = Logger.getLogger(RuleComposition.class);
-
- private Object targetComponent;
- private Object logicComponent;
- private String expressionName;
- private Effect effect;
-
- public RuleComposition()
- {
-
- }
-
- public Object getTargetComponent()
- {
- return targetComponent;
- }
-
- public void setTargetComponent(Object targetComponent)
- {
- this.targetComponent = targetComponent;
- }
-
- public Object getLogicComponent()
- {
- return logicComponent;
- }
-
- public void setLogicComponent(Object logicComponent)
- {
- this.logicComponent = logicComponent;
- }
-
- public Effect getEffect()
- {
- return effect;
- }
-
- public void setEffect(Effect effect)
- {
- this.effect = effect;
- }
-
- public String getExpressionName()
- {
- return expressionName;
- }
-
- public void setExpressionName(String expressionName)
- {
- this.expressionName = expressionName;
- }
- //----------------------------------------------------------------------------------------------------------------------------------------------------------------
- public Set<Rule> compose()
- {
- if(this.effect == null)
- {
- throw new IllegalStateException("Effect is missing!!");
- }
-
- if(this.expressionName != null)
- {
- if(this.logicComponent == null)
- {
- throw new IllegalStateException("Logic Component is missing!!");
- }
- }
-
- try
- {
- Set<Rule> rules = new HashSet<Rule>();
-
- Rule rule = new Rule();
-
- rule.setRuleId(GeneralTool.generateUniqueId());
- rule.setEffect(this.effect);
-
- //Generate the Target for this rule
- Set<Target> impliedActions = new HashSet<Target>();
- if(this.targetComponent != null)
- {
- TargetComposition targetComposition = new TargetComposition();
- targetComposition.setTargetComponent(this.targetComponent);
- rule.setTarget(targetComposition.compose());
-
- Set<Target> cour = targetComposition.composeImpliedTargets();
- if(cour != null && !cour.isEmpty())
- {
- impliedActions.addAll(cour);
- }
- }
-
- //Generate the Logic Expression of this rule
- if(this.expressionName != null)
- {
- rule.setExpression(this.generateExpression());
- }
-
- rules.add(rule);
-
- //Add any implied actions
- if(impliedActions != null && !impliedActions.isEmpty())
- {
- for(Target impliedAction: impliedActions)
- {
- Rule impliedRule = new Rule();
-
- impliedRule.setRuleId(GeneralTool.generateUniqueId());
- impliedRule.setEffect(rule.getEffect());
- impliedRule.setExpression(rule.getExpression());
- impliedRule.setTarget(impliedAction);
-
- rules.add(impliedRule);
- }
- }
-
- return rules;
- }
- catch(Exception e)
- {
- //TODO: handle this properly
- log.error(this, e);
- throw new RuntimeException(e);
- }
- }
- //----------------------------------------------------------------------------------------------------------------------------------------------------------------
- private Expression generateExpression() throws Exception
- {
- DroolsRuleExpression expression = new DroolsRuleExpression();
-
- //Read the LogicExpression of the Logic Component
- Method expressionMethod = this.findExpression(this.logicComponent.getClass(),
this.expressionName);
- expressionMethod.setAccessible(true);
-
- String[] expressionMetaData = (String[])expressionMethod.invoke(this.logicComponent,
null);
-
- expression.setRuleReference(expressionMetaData[0]);
- expression.setRule(expressionMetaData[1]);
-
- return expression;
- }
-
- private Method findExpression(Class targetClass, String expressionName)
- {
- Method[] declaredMethods = targetClass.getDeclaredMethods();
- if(declaredMethods != null)
- {
- for(Method declaredMethod: declaredMethods)
- {
- Annotation logicExpression = declaredMethod.getAnnotation(LogicExpression.class);
- if(logicExpression != null)
- {
- if(declaredMethod.getName().equals(expressionName))
- {
- return declaredMethod;
- }
- }
- }
- }
-
- if(targetClass.getSuperclass() != null)
- {
- return this.findExpression(targetClass.getSuperclass(), expressionName);
- }
-
- return null;
- }
-}
Deleted:
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleDeclarationRepository.java
===================================================================
---
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleDeclarationRepository.java 2009-06-16
15:03:53 UTC (rev 13460)
+++
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/RuleDeclarationRepository.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -1,64 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.security.authz.component;
-
-import java.util.Set;
-import java.util.HashSet;
-
-import org.apache.log4j.Logger;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-public class RuleDeclarationRepository
-{
- private static Logger log = Logger.getLogger(RuleDeclarationRepository.class);
-
- private Set<ComponentMarker> components;
-
- public RuleDeclarationRepository()
- {
- }
-
- public void start()
- {
- this.components = new HashSet<ComponentMarker>();
- log.info("-------------------------------------------------------------------");
- log.info("RuleDeclarationRepository successfully
started.....................");
- log.info("-------------------------------------------------------------------");
- }
-
- public void stop()
- {
-
- }
-
- public void register(ComponentMarker component)
- {
- this.components.add(component);
-
- log.debug("--------------------------------------------------------------");
- log.debug(component.getClass()+" was successfully registered.............");
- log.debug("--------------------------------------------------------------");
- }
- //---------------------------------------------------------------------------------------------------------------------------------------------------------------
-}
Deleted:
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/TargetComposition.java
===================================================================
---
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/TargetComposition.java 2009-06-16
15:03:53 UTC (rev 13460)
+++
modules/authorization/trunk/common-api/src/main/java/org/jboss/security/authz/component/TargetComposition.java 2009-06-16
16:47:34 UTC (rev 13461)
@@ -1,218 +0,0 @@
-/*
-* JBoss, a division of Red Hat
-* Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
-* by the @authors tag. See the copyright.txt in the distribution for a
-* full listing of individual contributors.
-*
-* This is free software; you can redistribute it and/or modify it
-* under the terms of the GNU Lesser General Public License as
-* published by the Free Software Foundation; either version 2.1 of
-* the License, or (at your option) any later version.
-*
-* This software is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-* Lesser General Public License for more details.
-*
-* You should have received a copy of the GNU Lesser General Public
-* License along with this software; if not, write to the Free
-* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
-* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
-*/
-package org.jboss.security.authz.component;
-
-import java.lang.annotation.Annotation;
-import java.lang.reflect.Field;
-import java.util.Set;
-import java.util.HashSet;
-
-import org.apache.log4j.Logger;
-
-import org.jboss.security.authz.model.Target;
-import org.jboss.security.authz.model.Attribute;
-import org.jboss.security.authz.model.AttributeExpression;
-import org.jboss.security.xacml.interfaces.XACMLConstants;
-import org.jboss.security.xacml.interfaces.XMLSchemaConstants;
-
-/**
- * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
- */
-public class TargetComposition
-{
- private static Logger log = Logger.getLogger(TargetComposition.class);
-
- private Object targetComponent;
-
- public TargetComposition()
- {
-
- }
-
- public Object getTargetComponent()
- {
- return targetComponent;
- }
-
- public void setTargetComponent(Object targetComponent)
- {
- this.targetComponent = targetComponent;
- }
- //------------------------------------------------------------------------------------------------------------------------------------------------------------------
- public Target compose()
- {
- if(this.targetComponent == null)
- {
- throw new IllegalStateException("Target Component is null!!");
- }
-
- try
- {
- Target mainTarget = this.generateTarget();
- return mainTarget;
- }
- catch(Exception e)
- {
- //TODO: handle this properly
- log.error(this, e);
- throw new RuntimeException(e);
- }
- }
-
- public Set<Target> composeImpliedTargets()
- {
- try
- {
- Set<Target> impliedTargets = new HashSet<Target>();
-
- String[] impliedActions = this.findImpliedActions(this.targetComponent.getClass());
- if(impliedActions != null)
- {
- for(String impliedAction: impliedActions)
- {
- //TODO: Find the Action Component from the repository
- Object impliedActionComponent = null;
- if(impliedAction.equals("read"))
- {
- impliedActionComponent =
Thread.currentThread().getContextClassLoader().loadClass("org.jboss.security.authz.components.action.Read").newInstance();
- }
- else if(impliedAction.equals("write"))
- {
- impliedActionComponent =
Thread.currentThread().getContextClassLoader().loadClass("org.jboss.security.authz.components.action.Write").newInstance();
- }
-
- //Compose this action target
- TargetComposition comp = new TargetComposition();
- comp.setTargetComponent(impliedActionComponent);
- impliedTargets.add(comp.compose());
- }
- }
-
- return impliedTargets;
- }
- catch(Exception e)
- {
- //TODO: handle this properly
- log.error(this, e);
- throw new RuntimeException(e);
- }
- }
- //----------------------------------------------------------------------------------------------------------------------------------------------------------------
- private Target generateTarget() throws Exception
- {
- Target target = new Target();
-
- //Read the TargetUri
- Field targetField = this.findTargetField(this.targetComponent.getClass());
- targetField.setAccessible(true);
- Object targetUriObj = targetField.get(this.targetComponent);
-
- //Get a String representation of this URI
- String uriStr = targetUriObj.toString();
-
- //use the proper category for the data
- ComponentCategory category =
this.findComponentCategory(this.targetComponent.getClass());
- String attributeCategory = category.getAttributeCategory();
-
- AttributeExpression urlExpression = new AttributeExpression();
- if (uriStr.charAt(0) == '/' && uriStr.endsWith("/*"))
- {
- // If URL starts with '/' and ends with "/*", use a regular
- // expression to match it (In consistency with the servlet spec)
- urlExpression
- .setFunctionId(XACMLConstants.FUNCTION_REGEXP_STRING_MATCH);
-
- String uriexp = uriStr.substring(1, uriStr.length() - 2);
- StringBuilder buffer = new StringBuilder();
- buffer.append("^/" + uriexp + "$|");
- buffer.append("^" + uriexp + "$|");
- buffer.append("^/" + uriexp + "/.*|");
- buffer.append("^" + uriexp + "/.*");
-
- Attribute attribute = new Attribute(
- attributeCategory,
- XMLSchemaConstants.DATATYPE_STRING, buffer.toString());
- urlExpression.setAttribute(attribute);
- }
- else
- {
- // use an exact match
- urlExpression.setFunctionId(XACMLConstants.FUNCTION_STRING_EQUAL);
-
- Attribute attribute = new Attribute(
- attributeCategory,
- XMLSchemaConstants.DATATYPE_STRING, uriStr);
- urlExpression.setAttribute(attribute);
- }
-
- //Depending up the data category add the appropriate match expression
- category.setExpression(target, urlExpression);
-
- return target;
- }
-
- private ComponentCategory findComponentCategory(Class targetClass)
- {
- Annotation component = targetClass.getAnnotation(Component.class);
- if(component != null)
- {
- return ((Component)component).category();
- }
-
- return null;
- }
-
- private String[] findImpliedActions(Class targetClass)
- {
- Annotation impliedActions = targetClass.getAnnotation(ImpliedActions.class);
- if(impliedActions != null)
- {
- return ((ImpliedActions)impliedActions).value();
- }
-
- return null;
- }
-
- private Field findTargetField(Class targetClass)
- {
- Field[] declaredFields = targetClass.getDeclaredFields();
- if(declaredFields != null)
- {
- for(Field declaredField: declaredFields)
- {
- Annotation targetUri = declaredField.getAnnotation(TargetUri.class);
- if(targetUri != null)
- {
- return declaredField;
- }
- }
- }
-
- //If I get here, query the super class
- if(targetClass.getSuperclass() != null)
- {
- return this.findTargetField(targetClass.getSuperclass());
- }
-
- return null;
- }
-}
Modified: modules/authorization/trunk/core-components-api/pom.xml
===================================================================
--- modules/authorization/trunk/core-components-api/pom.xml 2009-06-16 15:03:53 UTC (rev
13460)
+++ modules/authorization/trunk/core-components-api/pom.xml 2009-06-16 16:47:34 UTC (rev
13461)
@@ -34,14 +34,6 @@
<dependency>
<groupId>org.drools</groupId>
<artifactId>drools-compiler</artifactId>
- </dependency>
-
- <!-- Test Dependencies -->
- <!-- jboss microcontainer -->
- <dependency>
- <groupId>org.jboss.microcontainer</groupId>
- <artifactId>jboss-kernel</artifactId>
- <scope>test</scope>
- </dependency>
+ </dependency>
</dependencies>
</project>
Deleted:
modules/authorization/trunk/core-components-api/src/main/resources/authz-components.xml
===================================================================
---
modules/authorization/trunk/core-components-api/src/main/resources/authz-components.xml 2009-06-16
15:03:53 UTC (rev 13460)
+++
modules/authorization/trunk/core-components-api/src/main/resources/authz-components.xml 2009-06-16
16:47:34 UTC (rev 13461)
@@ -1,66 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<components>
- <!--
- TODO: Just for prototyping the Component Contract. Eventually the method of
configuration will be POJO components with Annotations
- -->
- <target-component name="uri" category="resource"
class="org.jboss.security.authz.components.resource.URIResource">
- <target-uri>uniqueUri</target-uri>
- </target-component>
-
- <target-component name="operation" category="action"
class="org.jboss.security.authz.components.action.Operation">
- <target-uri>name</target-uri>
- </target-component>
-
- <target-component name="read" category="action"
class="org.jboss.security.authz.components.action.Read">
- <target-uri>name</target-uri>
- </target-component>
-
- <target-component name="write" category="action"
class="org.jboss.security.authz.components.action.Write">
- <target-uri>name</target-uri>
- </target-component>
-
- <target-component name="manage" category="action"
class="org.jboss.security.authz.components.action.Manage">
- <target-uri>name</target-uri>
- </target-component>
-
- <logic-component name="identity" category="subject"
class="org.jboss.security.authz.components.subject.Identity">
- <target-uri>uri</target-uri>
- <logic-data>
- <data>name</data>
- </logic-data>
- </logic-component>
-
- <logic-component name="roles" category="subject"
class="org.jboss.security.authz.components.subject.Roles">
- <target-uri></target-uri>
- <logic-data>
- <data>names</data>
- </logic-data>
- <logic-expressions>
- <expression>allowExpression</expression>
- <expression>denyExpression</expression>
- </logic-expressions>
- </logic-component>
-
-
- <!--
- Core Rule Compositions shipped with the framework. These can be re-used and more
compositions can be added
- depending upon Application/Profile Requirements
- -->
- <rule-composition name="permitIdentity" outcome="permit">
- <target-component>identity</target-component>
- </rule-composition>
-
- <rule-composition name="denyIdentity" outcome="deny">
- <target-component>identity</target-component>
- </rule-composition>
-
- <rule-composition name="permitRole" outcome="permit">
- <target-component>operation</target-component>
- <logic-component
expression="allowExpression">roles</logic-component>
- </rule-composition>
-
- <rule-composition name="denyRole" outcome="deny">
- <target-component>operation</target-component>
- <logic-component
expression="denyExpression">roles</logic-component>
- </rule-composition>
-</components>
\ No newline at end of file
Modified: modules/authorization/trunk/pom.xml
===================================================================
--- modules/authorization/trunk/pom.xml 2009-06-16 15:03:53 UTC (rev 13460)
+++ modules/authorization/trunk/pom.xml 2009-06-16 16:47:34 UTC (rev 13461)
@@ -12,6 +12,7 @@
<modules>
<module>common-api</module>
<module>core-components-api</module>
+ <module>agent</module>
<module>policy-server</module>
<module>http-profile</module>
<module>portal-profile</module>
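Review bot: The added `<module>agent</module>` line has no comment saying what the module holds, even though this commit moves `RuleDeclarationRepository` and `TargetComposition` out of common-api (package `org.jboss.security.authz.component`) into `org.jboss.security.authz.agent.services`, and moves `authz-components.xml` out of core-components-api. I would put `<!-- agent: component repository and rule/target composition services, moved out of common-api -->` above the entry so the package move is visible from the parent pom. The modules listed after it (policy-server, http-profile, portal-profile) are not shown here, so it needs checking whether any of them still import the old package and whether each one that uses these classes declares a dependency on agent. Position in `<modules>` does not supply that, because Maven orders the reactor from declared dependencies.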